Slashdot Mirror

← Back to Stories (view on slashdot.org)

My Short Life As An Unintentional Porn Spammer

Posted by timothy on from the you've-got-spam dept.

Freerange writes "Mike Masnick wrote up his experience getting slammed by a somewhat new kind of spam attack that doesn't get much hype (yet?). A spammer spoofed his personal email address as the 'reply-to' for a batch of spam, with interesting results for Mike: "I can now answer the questions 'who replies to spam?' and (should anyone ever wonder) 'what are the hundreds of variations on bounced messages?'" From Politech."

5 of 557 comments (clear)

  1. It's nothing new by Anonymous Coward · · Score: 5, Informative
    It's referred to as a "Joe Job" or that you've been "joe jobbed"

    an article about it

  2. Re:No way to contact spammer by wobblie · · Score: 5, Informative

    Some spams are purely for confirmation that your email address works. I repeatedly see spams which have 1x1 pixel gif's that link to a script to call the image and pass your email address off to that script. Biggest reason not to use HTML mail.

  3. Re:Why? by Neon+Spiral+Injector · · Score: 5, Informative

    Hanging out on some anti-spam news groups I've seen this happen to people who go after spammers. In this case the spammer quite intentionally selects the FROM: address to make the bounces and irrate replies cause trouble for someone who has been causing trouble for the spammer. This is called a "Joe-job".

  4. Re:Why? by Fluffy+the+Cat · · Score: 5, Informative

    In general, it's not a good idea to accept mail unless you think you can correctly generate a bounce message if you fail to deliver it. As a result, many mail servers will refuse to accept mail if the

    MAIL FROM:

    section of the SMTP exchange doesn't include a domain that exists. Some will go further and do some checks to see if the localpart exists, too. If the spammers want to get to as many addresses as possible, they have to use a real address rather than a made up one. In some cases, they'll pick the address of someone who's irritated them (anti-spammers, for instance).

  5. New Mail RFC by Ayanami+Rei · · Score: 5, Informative

    You mean like this?

    RFC 2487: SMTP Service Extension for Secure SMTP over TLS.

    SMTP [RFC-821] servers and clients normally communicate in the clear over the Internet.... Further, there is often a desire for two SMTP agents to be able to authenticate each others' identities. For example, a secure SMTP server might only allow communications from other SMTP agents it knows, or it might act differently for messages received from an agent it knows than from one it doesn't know.

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON